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DETAILED ACTION 

1. Application Number 09/832, 670 was filed on 04/11/2001. Claims 1-23 are subject to 
examination. 

Response to Arguments 

2. Applicant's arguments filed October 05, 2004 have been fully considered but they 
are not persuasive for the following reasons: 

Claims 1, 3-5, and 7-9, 

a. In response to Applicant's arguments that "Lin explicitly states that the flow 
classification, or determining of actions to apply to a flow based on policies, is not 
appropriate for hardware and must be done by a policy application with its policy 
database residing on a separate server from the policy engine, (col. 2, lines 1-10, and 
col. 2, lines 56-61 ) Once a policy has been determined for a flow, the remaining packets 
not seen by the policy application, (col. 5, lines 19-23)" and This is distinct from Lin 
where the determination of policy treatment for the flows and the database of policies 
themselves are not part of the policy engine, but rather in a completely separate piece 
of equipment running legacy software applications which do not operate at network 
speeds.". The reference teaches the concept of integrated service (col. 3, lines 20-24) 
platform, col. 4, lines 21-27 and 46-55 including "traffic Management" and defines the 
"Policy" which are "collectively stored in a policy database accessible to policy-based 
applications" in col.3, lines 25-33. As such, it represents the invention in Fig. 3 wherein 
the policy determination and database is part of the policy engine. 
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Claims 2, 10-15 and 18, 

b. In response to Applicant's arguments that "Further, the use of multidirectional 
engines in Lin is not obvious, again because of the nature of how Lin makes policy 
determinations. As stated, Lin's policy determinations are made by third party 
application software running on a separate piece of equipment. Because the policy 
determination mechanism is outside of the network equipment it would not be obvious 
to include a second engine to handle data in the opposite direction. The reason the 
present invention is able to use two unidirectional policy engines for traffic flowing in 
opposite directions is that each policy engine is able to make policy determinations for 
traftic flowing through it.", first of all, as stated above, the policy determination and 
database is part of the policy engine, and the reference teaches "When multiple 
network services are to apply to the same flow, this is called "Integrated Services". 
Integrated Services simplify the management of various service policies, minimize 
potential policy conflicts and reduce TCO (Total Cost of Ownership).", as such the 
policy determination mechanism is not outside of the network equipment, and policy 
determinations are not made by third party application software and not running on a 
separate piece of equipment. Therefore, it would be obvious to include a second 
engine to handle data in the opposite direction, allowing both policy engines to make 
policy determinations for traffic flowing through them. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another 
filed in the United States before the invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the invention by the applicant for patent, 
except that an international application filed under the treaty defined in section 351 (a) shall have the effects 
for purposes of this subsection of an application filed in the United States only if the international application 
designated the United States and was published under Article 21(2) of such treaty in the English language. 

4. Claims 1 , 3-5, 7-9 are rejected under 35 U.S.C. 102(e) as being anticipated Lin 
(US 6, 542, 508). 

Referring to claim 1, 

The reference teaches a network processing system for enforcing network policies on a 
network, the network consisting of multiple data packets, the data packets forming a 
plurality of flows, the network processing system (Abstract) comprising: 

a network interface operable to receive data packets from the network and 
further operable to send processed data packets back onto the network; and (Fig.3, 
element 403 t "data path") 

a processing engine in communication with the network interface (Fig.3, element 
1 06), the processing engine operable to associate each data packet with an identifier, 
wherein the identifier is associated with the flow of which the data packet is part, the 
processing engine further operable to compare each flow to a database stored in the 
processing engine, the database storing information on a set of programmable network 
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policies, the set of programmable network policies determining a treatment for each 
flow, such that the processing engine is able to modify and direct the data packets 
according to the treatment indicated. (col.4, lines 54-67 thru col. 5, lines 4-25 and Fig.3). 
Referring to claims 3 and 4, 

The reference teaches the network processing system of claim 1 wherein the 
processing engine maintains a state for one or more flows, the state associated with 
each flow using the identifier, and wherein the state existing for the particular flow at the 
time a new packet belonging to the particular flow is examined is used in conjunction 
with the database to determine the treatment.(col.4, lines 65-67 thru col. 5, lines 1-10). 
Referring to claim 5, 

The reference teaches the network processing system of claim 1 wherein the 
processing engine is able to examine the entire contents of each packet, (col.5, lines 
11-25). 

Referring to claim 7, 

The reference teaches the network processing system of claim 1 wherein the set of 
programmable network policies are stored as signatures in a signature memory. (Fig.3, 
element 202). 
Referring to claim 8, 

The reference teaches the network processing system of claim 1 wherein the 
processing engine includes a header preprocessor for examining header information in 
the packet, a content processor for comparing the packet to the database and 
determining a treatment, and a quality of service processor for modifying the packet and 



Application/Control Number: 09/832,670 Page 6 

Art Unit: 2154 

directing the packet according to the treatment, (col.4, lines 29-34, Fig. 3, elements 206, 
col.3, lines 44-50, col.4, lines 35-37). 
Referring to claim 9, 

The reference teaches the network processing system of claim 8 wherein each 
processing engine further includes a microprocessor for supplemental operations. 
(Fig.3, elements 206, Abstract). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

6. Claims 2, 10-15 and 18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Lin (US 6, 542, 508) 

Referring to claim 2, 

Keeping in mind the teachings of the reference Lin as stated above, the reference fails 
to teach a second processing engine, wherein each processing engine is unidirectional 
in the opposite direction thereby creating a bi-directional network processing system. 
However, if another identical policy engine, taught by Lin, is added to the network 
processing system, then the system can have an ability to handle the traffic flow 
independently in opposite directions. Therefore, it would have been obvious to one 
having ordinary skill in the art at the time of invention was made to provide two policy 
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engines identical to the one taught by Lin such that the traffic from two directions can be 
handled, and as such producing bi-directional policy engine incorporated into the 
network processing system. 
Referring to claims 10, 11 and 12, 

The reference teaches network processing system for enforcing network policies on a 
network, the network consisting of a plurality of data packets, the plurality of data 
packets forming a plurality of flows, the network processing system (Abstract) 
comprising: 

at least one left line interface operable to receive data packets from the network 
and to send processed data packets onto the network; (Fig. 3, element 403, "data path") 

a right processing engine receiving data packets from the left interface, and 
sending processed data packets to the right line interface;(Fig.3 , element 106) 

the right processing engine further comprising: 

a traffic flow processor (Fig. 3, element 204, flow classifier)processing the data 
packets to associate each data packet with a particular flow, to maintain state for a 
subset of flows, and to compare each flow to a database of network policies/the data 
base of network policies indicating a treatment for the data packets of each flow; 

a quality of service processor(Fig.3, element 206, action processor) 
communicating with the traffic flow processor and receiving the treatment from the traffic 
flow processor instructing the quality of service processor how to modify the contents of 
the data packet and which quality of service to give the data packet, (col.4, lines 65-67 
thru col.5, lines 1-10). 
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The reference fails to teach at least one right line interface operable to receive data 
packets from the network and to send processed data packets onto the network; and a 
left processing engine receiving data packets from the right interface, and the left 
processing engines further comprising: a traffic flow processor processing the data 
packets to associate each data packet with a particular flow, to maintain state for a 
subset of flows, and to compare each flow to a database of network policies, the data 
base of network policies indicating a treatment for the data packets of each flow; a 
quality of service processor communicating with the traffic flow processor and receiving 
the treatment from the traffic flow processor instructing the quality of service processor 
how to modify the contents of the data packet and which quality of service to give the 
data packet. However, if another identical policy engine, taught by Lin, is added to the 
network processing system, then the system can have an ability to handle the traffic 
flows independently in opposite directions. Therefore, it would have been obvious to 
one having ordinary skill in the art at the time of invention was made to provide two 
policy engines identical to the one taught by Lin such that the traffic from two directions 
can be handled, and as such producing bi-directional policy engine incorporated into the 
network processing system. 
Referring to claim 13, 

The reference Lin teaches the network processing system of claim 10 wherein the traffic 
flow processor is comprised of a header preprocessor and a content processor, the 
header preprocessor operable to examine header information for each packet, and the 
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content processor operable to compare the packet with the database of network 
policies, (col.4, lines 29-34, Fig.3, elements 206, col.3, lines 44-50, col.4, lines 35-37). 
Referring to claim 14, 

The reference Lin teaches the network processing system of claim 10 wherein the 
database of network policies is a memory image of signatures, the signatures forming 
the network policies. (Fig.3, element 202). 
Referring to claim 15, 

The reference Lin teaches the network processing system of claim 10 wherein the state 
existing for the particular flow at the time a new packet belonging to the particular flow is 
examined is used in conjunction with the database to determine the treatment, (col.4, 
lines 65-67 thru col.5, lines 1-10). 
Referring to claim 18, 

The reference teaches the network processing system of claim 10 wherein the left and 
right processing engines further comprise a microprocessor for supplemental 
processing operations. (Fig.3, elements 206, Abstract). 

7. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Lin (US 
6, 542, 508) in view of Natarajan et al. (hereinafter Natarajan)(US 6, 751 , 662). 
Referring to claim 17, 

Keeping in mind the teachings of the reference Lin as stated above, the reference fails 
to teach wherein the management interface is further operable to retrieve statistical and 
event information from each of the network processing systems. The reference 
Natarajan teaches "A feedback-based adaptive network is described wherein at least a 
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portion of the network elements report operating information relating to network 
conditions to a centralized data store. The information which is reported to the data 
store is analyzed by a policy engine which includes a plurality of application specific 
plug-in policies for analyzing selected information from the data store and for computing 
updated control information based upon the analysis of the information." (Abstract). (the 
management interface is further operable to retrieve statistical and event information 
from each of the network processing systems.). Therefore, it would have been obvious 
to one having ordinary skill in the art at the time of invention was made to modify Lin by 
adding the capabilities of Natarajan such that based on the information retrieved from 
the network is analyzed by the policy engine and If it is determined that a particular 
characteristic of the network does not conform with the standards established for that 
characteristic, the policy which controls that particular characteristic of the network may 
be automatically and dynamically modified to thereby affect the network performance as 
taught by Natarajan. It is well known in the art to establish communications and 
exchange information between different components and modules such that the control 
over the network in maintained. 

Allowable Subject Matter 

Referring to claims 6 and 16, 

Claims 6 and 16 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 
Referring to claims 19-23, 
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Claims 1 9-23 are allowed. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ashok B. Patel whose telephone number is (571) 272- 
3972. The examiner can normally be reached on 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John A Follansbee can be reached on (571 ) 272-3964. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 
872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-d.irect.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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